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DETAILED ACTION 
Information Disclosure Statement 

1 . The information disclosure statements (IDS) submitted on 12/06/2003 and 
12/23/2003 have been received, entered into the record, and considered. The 
submission is in compliance with the provisions of 37 CFR 1 .97. Accordingly, the 
information disclosure statement is being considered by the examiner. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 

3. Claims 1-8, 12-17, 19-27, 31-36, 38-46, 50-55, and 57 are rejected under 35 
U.S.C. 102(b) as being anticipated by Carlisle etal. ("Carlisle" (U.S. Patent 
5,649,118)). 

4. Regarding claim 1 , Carlisle teaches a system comprising: 

A) a client having a plurality of applications residing thereon (Column 12, lines 60-63); 
and 

B) a secure token having a storage architecture (Column 4, lines 18-26), wherein the 
storage architecture includes: 
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C) a directory and one or more attributes associated with the directory (Column 4, lines 
18-26), wherein the one or more attributes associated with the directory are used to 
control access to the directory by the plurality of applications (Column 5, lines 20-30, 
Figure 2); 

D) one or more cell groups under the directory (Column 4, lines 18-26), each cell group 
having one or more associated attributes, wherein the one or more attributes associated 
with a cell group are used to control access to that cell group by the plurality of 
applications (Column 5, lines 20-30, Figure 2); and 

E) one or more cells under each cell group (Column 4, lines 18-26), each cell having 
one or more associated attributes, wherein the one or more attributes associated with a 
cell are used to control access to that cell by the plurality of applications (Column 5, 
lines 20-30, Figure 2). 

The examiner notes that "password" (Column 5, line 23) is analogous to an 
"attribute". 

Regarding claims 2, 21, and 40, Carlisle further teaches a system, secure token, 
and method comprising: 

A) wherein the one or more attributes associated with the directory permit access to the 
directory by one application and deny access to the directory to another application 
(Column 5. lines 20-30, Figure 2). 
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Regarding claims 3, 22, and 41 , Carlisle further teaches a system, secure token, 
and method comprising: 

A) wherein the one or more attributes associated with the cell group permit access to 
that cell group by one application and deny access to that cell group to another 
application (Column 5, lines 20-30, Figure 2). 

Regarding claims 4, 23, and 42, Carlisle further teaches a system, secure token, 
and method comprising: 

A) wherein the one or more attributes associated with the cell permit access to that cell 
by one application and deny access to that cell to another application (Column 5, lines 
20-30, Figure 2). 

Regarding claims 5, 24, and 43, Carlisle further teaches a system, secure token, 
and method comprising: 

A) wherein one or more additional cell groups are added to the directory subsequent to 
Issuance of the secure token to a token holder (Column 14, lines 60-67-Column 15, 
lines 1-10). 

Regarding claims 6, 25, and 44, Carlisle further teaches a system, secure token, 
and method comprising: 
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A) wherein ownership of one of the one or more cell groups is detemnined subsequent 
to Issuance of the secure token to a token holder (Column 14, lines 60-67-Column 15, 
lines 1-10). 

Regarding claims 7, 26, and 45, Carlisle further teaches a system, secure token, 
and method comprising: 

A) wherein ownership of one of the one or more cell groups is modified subsequent to 
issuance of the secure token to a token holder (Column 14, lines 60-67-Column 15, 
lines 1-10). 

Regarding claims 8, 27, and 46, Carlisle further teaches a system, secure token, 
and method comprising: 

A) wherein one or more additional cells are added to a cell group subsequent to 
issuance of the secure token to a token holder (Column 14, lines 60-67-Column 15, 
lines 1-10). 

Regarding claims 12, 31 , and 50, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the one or more attributes associated with a cell further control operations 
on contents of that cell by the plurality of applications (Column 16, lines 65-67-Column 
17. lines 1-19). 
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Regarding claims 13, 32, and 51, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the one or more attributes associated with the cell permit a first set of 
operations on the contents of that cell by a first application (Column 16, lines 65-67- 
Column 17, lines 1-19); 

B) wherein the one or more attributes associated with the cell permit a second set of 
operations on the contents of that cell by a second application (Column 16, lines 65-67- 
Column 17, lines 1-19); and 

C) wherein the first set of operations is different from the second set of operations 
(Column 16, lines 65-67-Column 17, lines 1-19). 

Regarding claims 14, 33, and 52, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the one or more attributes associated with the directory permit a first 
application to access the directory after a first access condition is satisfied (Column 16, 
lines 65-67-Column 17, lines 1-19); 

B) wherein the one or more attributes associated with the directory pemiit a second 
application to access the directory after a second access condition is satisfied (Column 
16, lines 65-67-Column 17, lines 1-19); and 

C) wherein the first access condition is different from the second access condition 
(Column 16, lines 65-67-Column 17, lines 1-19). 
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Regarding claims 15, 34, and 53, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the one or more attributes associated with the cell group perniit a first 
application to access that cell group after a first access condition is satisfied (Column 
16, lines 65-67-Column 17, lines 1-19); 

B) wherein the one or more attributes associated with the cell group permit a second 
application to access that cell group after a second access condition is satisfied 
(Column 16, lines 65-67-Column 17, lines 1-19); and 

C) wherein the first access condition is different from the second access condition 
(Column 16, lines 65-67-Column 17, lines 1-19). 

Regarding claims 16, 35, and 54, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the one or more attributes associated with the cell permit a first application 
to access that cell after a first access condition is satisfied (Column 16, lines 65-67- 
Column 17, lines 1-19); 

B) wherein the one or more attributes associated with the cell pemiit a second 
application to access that cell after a second access condition Is satisfied (Column 16, 
lines 65-67-Column 17, lines 1-19); and 

C) wherein the first access condition is different from the second access condition 
(Column 16, lines 65-67-Column 17, lines 1-19). 
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Regarding claims 17. 36, and 55, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the secure tolten is a smart card (Column 4, lines 18-26). 

Regarding claims 19, 38, and 57, Carlisle further teaches a system, secure 
token, and method comprising: 

A) wherein the smart card is a static or native smart card (Carlisle, Figure 2). 

Regarding claims 20 and 39, Carlisle teaches a secure token and method 
comprising: 

A) a directory and one or more attributes associated with the directory (Column 4, lines 
1 8-26), wherein the one or more attributes associated with the directory are used to 
control access to the directory by the plurality of applications (Column 5, lines 20-30, 
Figure 2); 

B) one or more cell groups under the directory (Column 4, lines 18-26), each cell group 
having one or more associated attributes, wherein the one or more attributes associated 
with a cell group are used to control access to that cell group by the plurality of 
applications (Column 5, lines 20-30, Figure 2); and 

C) one or more cells under each cell group (Column 4, lines 18-26), each cell having 
one or more associated attributes, wherein the one or more attributes associated with a 
cell are used to control access to that cell by the plurality of applications (Column 5, 
lines 20-30, Figure 2). 
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Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
Invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 1 03(a). 

7. Claims 9-1 1 , 28-30, and 47-49 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Carlisle et al. (U.S. Patent 5,649,1 18) as applied to claims 1-8, 12- 
17, 19-27, 31-36, 38-46, 50-55, and 57 above and in view of Deo et ai. (U.S. Patent 
6.970,891). 
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8. Regarding claims 9, 28, and 47, Carlisle does not explicitly teach a system, 
secure token, and method comprising: 

A) wherein the one or more attributes associated with the directory are modified in 
terms of permitting or denying access to the directory by the plurality of applications. 

Deo, however, teaches "wherein the one or more attributes associated with 
the directory are modified in terms of permitting or denying access to the 
directory by the plurality of applications" as "the file system includes an ACL 
(access control list) that performs the security function of determining which users 
and/or applications have access to which files" (Column 4, lines 37-44). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of the cited references because teaching 
Deo's would have allowed Carlisle's to provide a method to render data in volatile 
memory available to multiple applications in a simple way, but in a secure fashion to 
protect against unintentional usage by rogue or malicious applications, as noted by Deo 
(Column 1 , lines 29-32). 

Regarding claims 10, 29, and 48, Carlisle does not explicitly teach a system, 
secure token, and method comprising: 

A) wherein the one or more attributes associated with a cell group are modified in terms 
of permitting or denying access to that cell group by the plurality of applications. 
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Deo, however, teaches "wherein the one or more attributes associated with 
a cell group are modified in terms of permitting or denying access to that cell 
group by the plurality of applications" as "the file system includes an ACL (access 
control list) that performs the security function of determining which users and/or 
applications have access to which files" (Column 4, lines 37-44). 

It would have been obvious to one of ordinary skill in the art at the time the 
Invention was made to combine the teachings of the cited references because teaching 
Deo's would have allowed Carlisle's to provide a method to render data in volatile 
memory available to multiple applications in a simple way, but in a secure fashion to 
protect against unintentional usage by rogue or malicious applications, as noted by Deo 
(Column 1 , lines 29-32). 

Regarding claims 1 1, 30 and 49 Carlisle does not explicitly teach a system, 
secure token, and method comprising: 

A) wherein the one or more attributes associated with a cell are modified in terms of 
permitting or denying access to that cell by the plurality of applications. 

Deo, however, teaches "wherein the one or more attributes associated with 
a cell are modified in terms of permitting or denying access to that cell by the 
plurality of applications" as "the file system includes an ACL (access control list) that 
performs the security function of determining which users and/or applications have 
access to which files" (Column 4, lines 37-44). 
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It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of the cited references because teaching 
Dec's would have allowed Carlisle's to provide a method to render data in volatile 
memory available to multiple applications in a simple way, but in a secure fashion to 
protect against unintentional usage by rogue or malicious applications, as noted by Deo 
(Column 1, lines 29-32). 

9. Claims 18, 37, and 56 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Carlisle et al. (U.S. Patent 5,649,1 18) as applied to claims 1-8, 12- 
17, 19-27, 31-36, 38-46, 50-55, and 57 above and in view of Wentker et al. (U.S. 
Patent 6,481,632). 

Regarding claims 18, 37 and 56, Carlisle does not explicitly teach a system, 
secure token, and method comprising: 
A) wherein the smart card is an open platfomn smart card. 

Wentker, however, teaches "wherein the smart card is an open platform 
smart card" as "open platform architecture" (Column 5, lines 59-67). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of the cited references because teaching 
Wentker's would have allowed Carlisle's to provide a method to manage and change 
the content of cards wile allowing for the flexibility to share control of the card with other 
business entities, as noted by Wentker (Column 5, lines 66-67-Column 6, lines 1-2). 
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Conclusion 

1 0. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Patent 6,199,762 issued to Hohle on 13 March 2001. The subject matter 
disclosed therein is pertinent to that of claims 1-59 (e.g., methods to secure and use 
smart cards). 

U.S. Patent 6,367,01 1 issued to Lee et al. on 02 April 2002. The subject matter 
disclosed therein is pertinent to that of claims 1-59 (e.g., methods to secure and use 
smart cards). 

U.S. Patent 5,682,027 issued to Bertina et al. on 28 October 1997. The subject 
matter disclosed therein is pertinent to that of claims 1-59 (e.g., methods to secure and 
use smart cards). 

Contact Information 

1 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Mahesh Dwivedi whose telephone number is (571) 272- 
2731 . The examiner can normally be reached on Monday to Friday 8:20 am - 4:40 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tim Vo can be reached (571) 272-3642. The fax number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 
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Information regarding Vne status of an application may be obtained from the 
Patent Application Infomnation Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see httD://pair-direct.usDto.aov . Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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